Ok. I've had a look at your status.php and I agree that the CLI firewall rules aren't sticking.
After some thought, I believe you can create the needed rules in the GUI by simply reversing the destination and source networks. The interface will be the same. So try this:
3. Create a rule in the GUI on bge0 (LAN) to pass traffic from the alias subnet (LAN2) to the LAN subnet.
Set up an alias on the WAN interface. It will serve your purposes, although the aliased interface won't show up in the GUI, and it makes it a little trickier to create rules for it.
I'm getting started with this myself. I'm not sure, but I think the monitor IP has to be unique to the interface ISP/range. Maybe try a different IP (instead of DNS, use a gateway IP or set up a static route to a website and use that).
Well, since I posted the first post, I have since added another T1, so I have 3 T1s going into a Cisco router (they are multilinked).
I really want cheaper bandwidth is why I asked - I am on a long contract with the T1s so they are locked in. I would love to be able to use cheap cable access to expand my bandwidth.
Thanks for the information, I'll review it some more.
to understand couple of things.
The rules you applied are giving LAN2 network devices access through the pfSense firewall to any IP on the specific ports 20-21 and 6000-7000, and also access to the pfSense localhost FTP helper ports.
So what is the relation between the rules and the cause?
My setup is pretty much the same.
Not sure if I understand your question correctly, but I'm using the Virtual IP option.
So just enter all your IPs (except the main IP of the interface) which you have from your ISP in the Virtual IP section as CARP.
Hi
Yeah, you are right stephend2. A single pool is required and the rule must be pointed to PoolGateway.
It works fine for static also (ONLY FOR FAILOVER).
You don't need a static route. It should suffice to add a rule on pfsense's WEB interface to pass packets from the web server's address to the sql server's address on the appropriate ports and protocols. Your web and sql servers will both have to know the appropriate gateway and subnet mask for their subnet.
Some work has been done on a dedicated DNS/DHCP server. See here: http://blog.pfsense.org/?p=244
You could also just not connect the WAN, turn off the firewall, and use the services you wanted. The 2.0beta builds should let you install with a single NIC.
Static Routes:
The dropdown for the interface defines on which interface the gateway for the remote subnet is reachable.
NOT that the static route is applied to inbound traffic on the selected interface.